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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. . 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)S Responsive to communication(s) filed on 28 February 2007 , 
2a)n This action is FINAL. 2b)l3 This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G, 213. 

Disposition of Claims 

4) ^ Claim(s) 1-13 and 15-22 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) [E1 Claim(s) 1-13 and 15-22 is/are rejected. . 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10) 0 The drawing(s) filed on is/are: a)D accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction Is required if the drawing(s) is objected to. See 37 CFR 1.121(d), 

1 1) n The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)nAII b)D Some * c)n None of: 

1 Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. _. 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1 -1 3 and 1 5-22 remain for examination. The correspondence filed 
2/28/07 added claims 16-22, amended claims 1-13 and 15, and cancelled claim 14. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1-22 have been considered but are 
moot in view of the new ground(s) of rejection. 

3. Examiner notes that on page 8 of the amendment, Applicant argues that the 
claims should be allowable over "the combined art of Cho and Weitzman", despite there 
being no such references entered on the record for the instant application. Examiner 
assumes that this Is a typographical error, and thus the particular argument will not be 
considered. 

Claim Rejections - 35 USC § 103 

4. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

5. Claims 1 -1 1 , 1 3, and 1 5-22 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Atsmon (U.S. Patent 6,607,136). 

Regarding claims 1 and 16: 

Atsmon discloses a method and apparatus for securing online transactions on 
the Internet comprising: a smart card transmitting an identification sequence to a PC in 
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the form of a modulated signal (element 10 of Figure 1; col. 31, lines 29-55); a card 
reader in connection with the microphone Input of the PC sound card (col. 3, lines 52- 
63); and a PC applet demodulating the identification sequence, and characterized by 
the absence of processing means within the card reader (col. 32, lines 25-50 and 64- 
67). Although the preferred embodiment of Atsmon discloses the card reader producing 
sound that is heard by a microphone connected to the computer. Examiner takes 
Official Notice that the practice of using a cable to directly plug in an audio source into a 
computer for further processing was obvious in the art. Pursuant to MPEP 2144.03, 
Examiner supplies the references "How to record music from your LPs or cassettes to 
your computer" and "EPARA TECH NET: PSK31 Interfacing" references which disclose 
this limitation as general knowledge in the art. 

Regarding claims 2 and 17: 

Atsmon further discloses wherein the identification sequence comprises at least 
a unique card number (col. 16, lines 30-31) and a random number valid only once (col. 
81, lines 45-50). 

Regarding claims 3 and 18: 

Atsmon further discloses wherein the random number is a session key which is 
not transmitted to the authentication server (col. 16, lines 33-35). 
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Regarding claims 4 and 19: 

Atsmon furtlier discloses wherein the session key is a function of the previous 
one emitted by the card (col. 16, lines 60-65). 

Regarding claims 5 and 20: 

Atsmon further discloses wherein the session key is used by the PC applet to 
generate a message authentication code of the password entered by the user; said first 
MAC is transmitted to the authentication server along with the card number (col. 52, 
lines 30-45; see also col. 32, lines 64-67). 

Regarding claims 6 and 21: 

Atsmon further discloses wherein the server generates a second MAC of the 
password stored in the server authentication database, using a session key deduced 
from the previous session key also stored in the database (col. 60, lines 20-38; see also 
col. 16, lines 60-67). 

Regarding claims 7 and 22: 

Atsmon further discloses wherein the authentication is valid only if said first and 
second MAC are identical; and wherein the authentication server replaces Ki-1 with Ki 
and Ki cannot be reused (col. 78, lines 11-38). 
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Regarding claim 8: 

Atsmon further discloses wherein the smart card is powered by the voltage 
provided by the microphone input of the PC sound card (col. 3, lines 52-57). 

Regarding claim 9: 

Atsmon further discloses wherein the smart card transmits the modulated signal 
when the switch of the card reader is pressed by the user (col. 28, lines 6-18). 

Regarding claim 10: 

Atsmon further discloses wherein at least one embodiment of the invention 
conforms to the ISO standards for smart cards (col. 25, lines 10-15). Consequently, it is 
inherent to such embodiments that the smart card transmits the modulated signal to the 
microphone input through ISO contact C6 (see also the IS07816 reference, page 3). 

Regarding claim 11: 

Atsmon further discloses wherein at least one embodiment of the invention 
conforms to the ISO standards for smart cards (col. 25, lines 10-15). Consequently, it is 
inherent to such embodiments that the smart card transmits the modulated signal when 
the ISO contact C2 is pulled down (see also the IS07816 reference, page 3). 
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Regarding claim 13: 

Atsmon further discloses wherein the card reader further comprises a battery cell 
powering the card (col. 3, lines 52-57; see also element 251 of Figure 26). It is inherent 
to the SoundBlaster cards used in the preferred embodiment of Atsmon (col. 31, lines 
30-35) that they possess line inputs which exist as alternatives to plug other 
miscellaneous devices into (for illustration, see the enclosed Creative Sound Blaster 
manual, page 1-7). Also see MPEP 2163.07(a). 

Regarding claim 15: 

Atsmon further discloses wherein the card reader is further integrated into the PC 
unit (col. 3, lines 48-52). 

6. Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over Atsmon, 
and further in view of ISO 7816. 

Regarding claim 12: 

Atsmon further discloses all the limitations of claim 1 1 above. Atsmon further 
discloses wherein at least one embodiment of the invention conforms to the ISO 
standards for smart cards (col. 25, lines 10-15). The ISO discloses only one set of 
power contacts for one power source (C1 and C5, ISO 7816, page 3, section 2.2.3). 
However, Atsmon has an embodiment where the smart card is in contact with multiple 
power sources exist: both a battery on the card (element 251 of Figure 26) and a power 
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supply in the reader (col. 3, lines 52-57); furtherniore, contacts C4 and C8 were left 
reserved for future use. (see ISO 7816, page 4, section 2.3.1). It would have been 
obvious to use those contacts to allow both power sources to be connected to, the card 
simulataneously, as the motivation for doing so would be to allow the card to recharge 
the battery (Atsmon, col. 3, lines 52-57). 



7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tom Gyorfi whose telephone number is (571) 272-3849. 
The examiner can normally be reached on 8:30am - 5:00pm Monday - Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). It you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. N 
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